<?php
require_once("db_login.php");

$userid = mysql_real_escape_string($_POST['userid']);
$pwd = mysql_real_escape_string($_POST['pwd']);

if(empty($userid) || empty($pwd)){
	echo "请正确填写学号和密码!";
	die();
}

$sql = "SELECT password FROM t_student WHERE id='$userid'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);

mysql_close($connect);
if($row['password']==$pwd) {
	session_start();
	$_SESSION['userid'] = $userid;
	echo "yes";
} else {
	echo "学号或密码错误!";
}
?>